package com.woniu.main.configuration;


import java.util.LinkedHashMap;
import java.util.Map;




import org.apache.shiro.authc.credential.HashedCredentialsMatcher;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import com.woniu.main.realm.AdministratorsRealm;


@Configuration
public class ShiroConfig {
	   //配置realm
		@Bean
		public AdministratorsRealm getRealm() {
			AdministratorsRealm realm=new AdministratorsRealm();
			return realm;
		}
//		安全管理器
		@Bean
		public DefaultWebSecurityManager getManager(AdministratorsRealm realm) {
			DefaultWebSecurityManager manager=new DefaultWebSecurityManager();
			manager.setRealm((Realm) realm);
			return manager;
		}
		//过滤器
		@Bean
		public ShiroFilterFactoryBean getFactory(DefaultWebSecurityManager manager) {
			ShiroFilterFactoryBean shiroFilterFactoryBean=new ShiroFilterFactoryBean();
			shiroFilterFactoryBean.setSecurityManager(manager);
//			没有认证，则跳转到登陆页面
			shiroFilterFactoryBean.setLoginUrl("/index.html");
//			没有权限
			shiroFilterFactoryBean.setUnauthorizedUrl("/notpermission.html");
			//自定义过滤器
			
//			过滤器连
			Map<String, String> map=new LinkedHashMap<>();//需要保证有序
			map.put("/index.html", "anon");
			map.put("/login", "anon");
            map.put("/register", "anon");
			map.put("/user/login", "anon");
			map.put("/druid/**", "anon");
			
			map.put("/**", "anon");
			shiroFilterFactoryBean.setFilterChainDefinitionMap(map);
			return shiroFilterFactoryBean;
		}
		
		@Bean
		public HashedCredentialsMatcher getHashedCredentialsMatcher(){
			HashedCredentialsMatcher hashedCredentialsMatcher=new HashedCredentialsMatcher();
			hashedCredentialsMatcher.setHashAlgorithmName("MD5");
			hashedCredentialsMatcher.setHashIterations(1024);
			return hashedCredentialsMatcher;
		}
}
